Debapriya Basu Roy
Indian Institute of Technology Kharagpur
Publications
Featured research published by Debapriya Basu Roy.
design automation conference | 2013
Xinmu Wang; Wen Yueh; Debapriya Basu Roy; Seetharam Narasimhan; Yu Zheng; Saibal Mukhopadhyay; Debdeep Mukhopadhyay; Swarup Bhunia
Side-channel attack (SCA) is a method in which an attacker aims at extracting secret information from crypto chips by analyzing physical parameters (e.g. power). SCA has emerged as a serious threat to many mathematically unbreakable cryptography systems. From an attacker's point of view, the difficulty of mounting SCA largely depends on the Signal-to-Noise Ratio (SNR) of the side-channel information. It has been shown that SNR primarily depends on algorithmic and circuit-level implementation, measurement noise, as well as device thermal noise. However, to the best of our knowledge, there has not been any study on the effect of the power delivery network (PDN) on SCA resistance. We note that the PDN plays a significant role in the SNR of the measured supply current. Furthermore, SCA resistance strongly depends on the operating frequency due to the RLC structure of a power grid. In this paper, we analyze the effect of the power grid on SCA and provide quantitative results to demonstrate the frequency-dependent SCA resistance due to PDN-induced noise. This property can potentially be exploited by an attacker to facilitate the attack by operating a device at favorable frequency points. On the other hand, from a designer's perspective, one can explore countermeasures to secure the device at all operating frequencies while minimizing the design overhead. Based on this observation, we propose a frequency-dependent noise-injection based compensation technique to efficiently protect against SCA. Simulation results using a realistic PDN model as well as experimental measurements using an FPGA test board validate the observations on the role of the PDN in SCA and the efficacy of the proposed compensation approach.
design automation conference | 2014
Debapriya Basu Roy; Debdeep Mukhopadhyay; Masami Izumi; Junko Takahashi
High speed DSP blocks present in modern FPGAs can be used to implement prime field multiplication to accelerate Elliptic Curve scalar multiplication in prime fields. However, compared to logic slices, DSP blocks are scarce resources, hence their usage needs to be optimized. The asymmetric 25 × 18 signed multipliers in FPGAs open a new paradigm for multiplier design, where operand decomposition becomes equivalent to a tiling problem. Previous literature has reported that for asymmetric multipliers, it is possible to generate a tiling (known as non-standard tiling) which requires fewer DSP blocks compared to standard tiling, generated by the school book algorithm. In this paper, we propose a generic technique for such tiling generation and generate this tiling for field multiplication in NIST specified curves. We compare our technique with the standard school book algorithm to highlight the improvement. The acceleration in ECC scalar multiplication due to the optimized field multiplier is experimentally validated for P-256. The impact of this accelerated scalar multiplication is shown for the key encapsulation algorithm PSEC-KEM (Provably Secure Key Encapsulation Mechanism).
international conference on selected areas in cryptography | 2015
Debapriya Basu Roy; Poulami Das; Debdeep Mukhopadhyay
Lightweight implementation of Elliptic Curve Cryptography on FPGA has been a popular research topic due to the boom of ubiquitous computing. In this paper we propose a novel single instruction based ultra-light ECC crypto-processor coupled with dedicated hard-IPs of the FPGAs. We show that by using the proposed single instruction framework and using the available block RAMs and DSPs of FPGAs, we can design an ECC crypto-processor for NIST curve P-256, requiring only 81 and 72 logic slices on Virtex-5 and Spartan-6 devices respectively. To the best of our knowledge, this is the first implementation of ECC which requires less than 100 slices on any FPGA device family.
international conference on vlsi design | 2016
Sikhar Patranabis; Debapriya Basu Roy; Debdeep Mukhopadhyay
Side channel analysis and active fault analysis are now major threats to even mathematically robust cryptographic algorithms that are otherwise resistant to classical cryptanalysis. This paper focuses on designing encryption schemes that use secret tweaks to achieve innate security against fault analysis. The paper examines linear and non-linear secret tweak based versions of a recently proposed block cipher DRECON. The paper demonstrates that while both versions are secure against classical DFA, the non-linear tweak based version provides greater fault coverage against stronger fault models. Experimental results obtained on a SASEBO GII platform have been presented to establish the fact that combined security by construction against both DPA and DFA makes DRECON a strong candidate for the design of secure cryptographic primitives.
international workshop on security | 2015
Debapriya Basu Roy; Shivam Bhasin; Sylvain Guilley; Jean-Luc Danger; Debdeep Mukhopadhyay; Xuan Thuy Ngo; Zakaria Najm
Modern FPGAs offer various new features for enhanced reconfigurability and better performance. One such feature is a dynamically Reconfigurable LUT (RLUT) whose content can be updated internally, even during run-time. There are many scenarios like pattern matching where this feature has been shown to enhance the performance of the system. In this paper, we study RLUT in the context of secure applications. We describe the basic functionality of RLUT and discuss its potential applications for security. Next, we design several case-studies to exploit the RLUT feature in security critical scenarios. The exploitations are studied from the perspective of a designer (e.g. designing countermeasures) as well as a hacker inserting hardware Trojans.
digital systems design | 2015
Xuan Thuy Ngo; Zakaria Najm; Shivam Bhasin; Debapriya Basu Roy; Jean-Luc Danger; Sylvain Guilley
Embedded systems face a serious threat from physical attacks when applied in critical applications. Therefore, modern systems have several integrated sensors to detect potential threats. In this paper, we put forward a new issue where these sensors can open other security loopholes. We demonstrate that sensors, which are deployed to prevent faults, can be exploited to insert effective and almost zero-overhead hardware Trojans. Two case studies are presented on Xilinx Virtex-5 FPGA. The first case study exploits the in-built temperature sensor of Virtex-5 system monitors while the other exploits a user deployed sensor. Both sensors can be used to trigger a powerful Trojan with minimal and at times zero overhead.
international conference on computer design | 2016
Sikhar Patranabis; Debapriya Basu Roy; Praveen Kumar Vadnala; Debdeep Mukhopadhyay; Santosh Ghosh
Side-channel attacks are a potent threat to the security of devices implementing cryptographic algorithms. Designing lightweight countermeasures against side-channel analysis that can run on resource constrained devices is a major challenge. One such lightweight countermeasure is shuffling, in which the designer randomly permutes the order of execution of potentially vulnerable operations. State of the art shuffling countermeasures advocate shuffling a set of independent operations in a single round of a cryptographic algorithm, but are often found to be insufficient as standalone countermeasures. In this paper, we propose a two-round version of the shuffling countermeasure, and test its security when applied to a serialized implementation of AES-128 using Test Vector Leakage Assessment (TVLA). Our results show that the required number of traces to break AES-128 implemented using our proposed countermeasure is significantly larger than the implementations using simple one-round shuffling. Furthermore, the new shuffling method has significantly lower overhead of around 1.3 times, as compared to other side-channel countermeasures such as masking that have an overhead of approximately two times.
Space | 2016
Debapriya Basu Roy; Avik Chakraborti; Donghoon Chang; S. V. Dilip Kumar; Debdeep Mukhopadhyay; Mridul Nandi
CLOC and SILC are two blockcipher based authenticated encryption schemes, submitted to the CAESAR competition, that aim to use a low area buffer and handle short input efficiently. The designers of the schemes claimed \(\frac{n}{2}\)-bit integrity security against nonce reusing adversaries, where \(n\) is the blockcipher state size in bits. In this paper, we present single fault-based almost universal forgeries on both CLOC and SILC with only one single bit fault at a fixed position of a specific blockcipher input. In the case of CLOC, the forgery can be done for almost any nonce, associated data and message triplet, except some nominal restrictions on associated data. In the case of SILC, the forgery can be done for almost any associated data and message, except some nominal restrictions on associated data along with a fixed nonce. Both the attacks on CLOC and SILC require several nonce-misusing encryption queries. This attack is independent of the underlying blockcipher and works on the encryption mode. In this paper, we also validate the proposed fault based forgery methodology by performing actual fault attacks by electromagnetic pulse injection, which shows the practicality of the proposed forgery procedure. Finally, we provide updated constructions that can resist the fault attack on the mode, assuming the underlying blockcipher is fault resistant. We would like to note that our attacks do not violate the designers’ claims as our attacks require a fault. However, it shows some vulnerability of the schemes when a fault is feasible.
vlsi design and test | 2012
Debapriya Basu Roy; Debdeep Mukhopadhyay
Multipliers which can support flexible input size are a crucial component of finite field processors. The present paper targets efficient VLSI design of such variable size multipliers, operating on characteristic 2 field polynomials with degree varying to 512 bits. In order to optimize area and speed, the design employs a sequential architecture, utilizing the Karatsuba-Ofman decomposition. The architecture reduces the critical path by designing an overlap free variant of the original Karatsuba algorithm. Apart from exploring with respect to the design parameters, namely levels and thresholding for Karatsuba multipliers, the paper also observes the effect of combinations of overlap free and naive Karatsuba multipliers on the overall area and speed. The results show that on a standard Virtex-4 platform, two levels of overlap free Karatsuba multipliers provide a better area-time product and lower computation delay.
Archive | 2017
Debapriya Basu Roy; Shivam Bhasin; Sikhar Patranabis; Debdeep Mukhopadhyay
Embedded cryptographic IP forms the basis of security in a modern system on chip. Therefore, such cryptographic IPs must be equipped with side-channel countermeasures and tested thoroughly. However, testing side-channel resistance by performing a group of attacks is sub-optimal and not comprehensive. In recent years, efficient testing mechanisms based on statistical tests have been proposed which make side-channel testing fast, robust, and more importantly error free. In this chapter, we will focus on three such metrics: Guessing Entropy, Normalized Inter-Class Variance (NICV), and Test Vector Leakage Assessment (TVLA). We provide the statistical background needed for proper understanding of these tests, along with practical case studies on real unprotected and protected targets.